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Top Stories 

• Several school districts were closed while crews worked November 12 to restore power to 
over 50,000 customers in Seattle after freezing temperatures and strong winds knocked 
down trees and power lines November 11. - KIRO 7 Seattle; Associated Press (See item 1) 

• Regulators in the U.S., U.K., and Switzerland issued fines November 12 totaling $4.25 
billion against JPMorgan Chase, Citigroup, HSBC, Royal Bank of Scotland, and UBS for 
conspiring to manipulate foreign currency exchange markets to increase bank profits. - 
New York Times (See item 6) 

• Microsoft released a patch November 1 1 for a data manipulation vulnerability that has 
existed in Windows operating systems and could have been used by attackers to gain 
control of affected systems for the last 18 years. - Softpedia (See item 21) 

• Authorities reported that improperly discarded smoking materials were the source of a 
November 10 fire that caused an estimated $1.25 million in damage to an apartment 
building in Herndon, Virginia. - WUSA 9 Washington, D.C. (See item 33) 




Fast Jump Menu 



PRODUCTION INDUSTRIES 

• Energy 

• Chemical 

• Nuclear Reactors. Materials, and Waste 

• Critical Manufacturing 

• Defense Industrial Base 

• Dams 

SUSTENANCE and HEALTH 

• Food and Agriculture 

• Water and Wastewater Systems 

• Healthcare and Public Health 



SERVICE INDUSTRIES 

• Financial Services 

• Transportation Systems 

• Information Technology 

• Communic ations 

• Commercial Facilities 
FEDERAL and STATE 

• Government Facilities 

• Emergency Services 



1 - 



Energy Sector 



1. November 12, KIRO 7 Seattle; Associated Press - (Washington) Schools closed, 
thousands remain without power as freezing temperatures arrive in western 
Washington. Utility crews continued work November 12 to restore power to over 

50.000 customers around southern King County and Pierce County in Seattle after 
freezing temperatures and strong winds knocked down trees and power lines November 
11. Several school districts were closed while Highway 164 was blocked due to debris 
from fallen trees. 

Source: http://www.kirotv.com/news/news/strong-wind-leaves-damage-freezing- 
temperatures-ar/nh5Xz/ 

2. November 12, KTXS 12 Sweetwater - (Texas) Rollover spills nearly 4,000 gallons of 
gasoline near Sweetwater. A rollover accident involving a semi-truck caused about 

4.000 gallons of gasoline to spill along Highway 70 north of Sweetwater, Texas, 
November 11. The Sweetwater fire chief reported that clean up could take several days. 
Source: http://www.ktxs.com/news/rollover-spills-nearly-400Q-gallons-of- 
gasoline/29669974 

3. November 10, U.S. Department of Labor - (Texas) Texas drilling company, 
Spradling LP, cited for safety and health violations. The Occupational Safety and 
Health Administration cited Spradling LP November 10 for 13 serious health and 
safety violations after exposing workers to hazardous conditions at its Channing 
drilling site near Amarillo. Suggested penalties total $46,200. 

Source: 

https://www.osha.gov/pls/oshaweb/owadisp.show document?p table=NEWS RELEA 
SES&p id=26973 
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Chemical Industry Sector 

Nothing to report 
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Nuclear Reactors, Materials, and Waste Sector 

Nothing to report 
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Critical Manufacturing Sector 

4. November 11, Reuters - (National) Mercedes recalls 10,500 C-Class cars in U.S. for 
steering defect. Mercedes-Benz announced a recall for 10,509 model year 2015 C300 
and C400 vehicles equipped with four-wheel drive due to the potential for a loss of 
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steering function to occur at low speeds due to an improperly installed steering 
component. 

Source: http://www.reuters.eom/article/2014/l 1/1 1/us-mercedes-recall- 
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5. November 11, Autoblog - (National) NHTSA probing 400,000 Infiniti, Honda 
vehicles over steering faults. The National Highway Traffic Safety Administration 
announced 2 vehicle safety investigations November 4, the first of which involves up to 

374.000 model year 2013 Honda Accord vehicles due to reports of vehicles 
experiencing a total loss of power steering. The second investigation concerns around 

17.000 model year 2008 Infiniti EX35 vehicles due to two complaints of the steering 
wheel shaft separating. 

Source: http://www.autoblog.com/2014/ll/ll/honda-infiniti-nhtsa-steering-failure- 
probe/ 
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Defense Industrial Base Sector 

Nothing to report 
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Financial Services Sector 

6. November 12, New York Times - (International) Big banks are fined $4.25 billion in 
foreign exchange scandal. Regulators in the U.S., U.K., and Switzerland issued fines 
November 12 totaling $4.25 billion against JPMorgan Chase, Citigroup, HSBC, Royal 
Bank of Scotland, and UBS for conspiring to manipulate foreign currency exchange 
markets to increase bank profits. 

Source: http://dealbook.nytimes.com/2014/ll/12/british-and-u-s-regulators-fine-big- 
banks-3- 1 6-billion-in-foreign-exchange-scandal/ 

For additional stories, see items 10 and 36 
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Transportation Systems Sector 

7. November 12, KNTV 11 San Jose - (California) Truck carrying 25,000 lbs. of frozen 
turkeys and 40 gallons of diesel spill on road in San Ramon. A semi-truck hauling 
roughly 25,000 pounds of frozen turkeys overturned while trying to negotiate a freeway 
exit ramp on Interstate 680 in San Ramon November 12, dumping its load and spilling 
20 to 40 gallons of diesel onto the roadway. Authorities were forced to shut down 
Interstate 680 at Alcosta Boulevard for 9 hours while crews cleared the scene. 

Source: http://www.nbcbayarea.com/news/local/Turkevs-Diesel-Spill-on-Road-in-San- 
Ramon-Big-Rig-Dublin-CHP-28240227 1 .html 



- 3 - 



8. November 12, Associated Press - (Connecticut) Amtrak service resumes after 
Hartford derailment. Amtrak service between Hartford, Connecticut, and Springfield, 
Massachusetts, resumed more than 6 hours after the wheel of an empty flat car of a 
Connecticut Southern Railroad freight train came off the rail in Hartford November 12. 
No injuries were reported and the incident is under investigation. 

Source: http://www.stamfordadvocate.com/news/article/Freight-derailment-near- 
Hartford-halts-Amtrak-5887632.php 

9. November 12, Arizona Republic - (Arizona) Plane makes emergency landing on 
Interstate 8 in Arizona. Eastbound lanes of Interstate 8 near Maricopa were closed for 
3 hours November 1 1 after a small plane made an emergency landing on the interstate. 
Source: http://www.azcentral.com/storv/news/local/pinal/2014/ll/ll/plane-lands- 
arizona-highway-interstate-8-abrk/l 8893593/ 

10. November 11, KWWL 7 Waterloo - (Iowa) Parking data breach at Eastern Iowa 
Airport. The Eastern Iowa Airport in Cedar Rapids revealed November 11a data 
breach that may have compromised the information of an unknown amount of 
customers who used credit or debit cards at the airport’s public parking facilities 
between September 29 and October 29, after discovering that a server was being mined 
for data. Authorities isolated the server and continue to investigate the extent of the 
incident. 

Source: http://www.kwwl.eom/story/27359520/2014/l 1/1 1/parking-data-breach-at-the- 
eastem-iowa- airport 

For another story, see item 1 
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Food and Agriculture Sector 

11. November 12, WMAQ 5 Chicago - (Illinois) 4 injured in explosion, fire at Turano 
Baking Company building. Four people were injured by a 3-alarm fire that was 
sparked November 1 1 by a propane tank explosion inside a Turano Baking Company 
fleet maintenance garage in Oak Park in Illinois. The structure collapsed and several 
delivery trucks were damaged as a result of the fire, while residents in the area were 
evacuated as a precaution. 

Source: http://www.nbcchicago.com/news/local/Fire-Turano-Bakery-282322901.html 

12. November 10, Ellensburg Daily Record - (Washington) Barn, hay, tractors destroyed 
in fire. A November 7 fire at a farm near Ellensburg rendered a bam a total loss and 
damaged an estimated 600 tons of hay and 2 tractors stored inside the structure. The 
source of the fire that caused an estimated $225,000 in damage is under investigation. 
Source: http://www.dailvrecordnews.com/members/barn-hav-tractors-destroyed-in- 
fire/artide be 144802-69 13-11 e4-b3e9-0b57d6a0e2 1 c.litml 

13. November 10, WIT1 6 Milwaukee - (Wisconsin) Several departments called out to 
grain bin dryer fire in Town of Trenton. About 8,000 bushels of field com worth 
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about $30,000 were damaged during a grain bin dryer fire in the Town of Trenton, 
Wisconsin, November 10. The grain bin and dryer valued at $35,000 were rendered a 
total loss as a result of the fire. 

Source: http ://fox6no w .com/20 14/11/1 0/several-departments-called-out-to- grain-bin- 
dryer-fire-in-town-of-trenton/ 

For another story, see item 7 
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Water and Wastewater Systems Sector 

14. November 12, Capital Public Radio - (California) Contaminated groundwater wells 
close in South Lake Tahoe. Three wells in South Lake Tahoe were shut down after 
high levels of the contaminant PCBE were found. Officials are investigating the source 
of the PCBE, which is partly due to an ongoing drought that has produced less 
groundwater to dilute contamination in the wells. 

Source: http://www.capradio.org/articles/2014/ll/12/contaminated-groundwater-wells- 
close-in-south-lake-tahoe/ 

15. November 11, WOLO 25 Columbia - (South Carolina) Boil water advisory for West 
Columbia. A boil water advisory was issued November 1 1 until further notice for parts 
of the City of West Columbia from Oakwood Drive at Leaphart Road to Harbor Drive 
and all side streets, due to a water main break. 

Source: http://www.abccolumbia.com/news/local/Boil-Water-Advisory-for-West- 
Columbia-282305171.html 
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Healthcare and Public Health Sector 

Nothing to report 
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Government Facilities Sector 

16. November 11, Albany Times Union - (New Jersey) School bus overturns in New 
Jersey; 4 people hurt. A student, two drivers, and a teachers’ aide were injured in an 
accident involving a school bus that was struck by a car in Princeton November 1 1 . 
Source: http://www.timesunion.com/news/article/School-bus-overturns-in-New-Jersey- 
5886101. php 

17. November 10, KTLA 5 Los Angeles - (California) 55 laptops stolen from library on 
UCLA campus; police ask for help finding burglar. The University of California 
Police Department is searching for a suspect who stole 55 laptops worth $33,000 from 
the Charles E. Young Research Library on the University of California, Los Angeles 
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campus November 8. 

Source: http ://ktla.com/20 14/11/1 0/5 5 -laptops-stolen-from-library-on-ucla-campus- 
police-ask-for-help-finding-burglar/ 

18. November 10, WTEN 10 Albany - (New York) Authorities investigate bomb threat 
at Skidmore College. Academic buildings were closed and classes were cancelled at 
Skidmore College in Saratoga Springs for 5 hours November 10 due to a bomb threat 
found outside a campus building. Several other buildings remained closed while police 
continued to search for any suspicious devices. 

Source: http://www.newsl0.com/story/27341966/authorities-investigate-bomb-threat- 
at-skidmore-college 

For another story, see item 1 
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Emergency Services Sector 

19. November 12, WKYT 27 Lexington - (Kentucky) Inmates escape from Adair County 
jail. Police in Columbia are searching for two inmates that walked out of Adair County 
Jail in Kentucky November 11. Authorities discovered the missing inmates during bed 
checks. 

Source: http://www.wkvt.com/home/headlines/Inmates-escape-from-Adair-Countv-iail- 
282381851.html 

20. November 11, KOIN 6 Portland - (Oregon) 911 outage affected rural areas of 
Marion Co. Emergency 9-1-1 service was disrupted for 8 hours November 10 across 
several cities in Marion County due to a cut fiber optic line. 

Source: http://koin.com/2014/ll/10/911-outage-affecting-rural-areas-of-marion- 
county/ 
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Information Technology Sector 

21. November 12, Softpedia - (International) 18-year-old remotely exploitable 
vulnerability in Windows patched by Microsoft. Microsoft released a patch 
November 1 1 for a data manipulation vulnerability that has existed in Windows 
operating systems starting with Windows 95. Researchers with IBM’s X-Force 
discovered and reported the vulnerability in May, which could have been used by 
attackers to gain control of affected systems for the last 18 years. 

Source: http://news.softpedia.com/news/18-vear-01d-Remotely-Expoitable- 
Vulnerabililty-in-Windows-Patched-B y- Microsoft-464769, shtml 

22. November 12, Help Net Security - (International) Microsoft patches Windows, IE, 
Word, SharePoint and IIS. Microsoft released its monthly Patch Tuesday round of 
updates for its products, which includes 14 bulletins including one patching a zero-day 
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vulnerability in the Windows OLE packager for Windows Vista and newer Windows 
operating systems. 

Source: http://www.net-securitv.org/secworld.php?id=17627 

23. November 12, Softpedia - (International) 18 critical vulnerabilities patched in Flash 
Player 15.0.0.223. Adobe released a new version of its Flash Player software, closing 
18 critical security issues, 15 of which could allow an attacker to execute arbitrary 
code. 

Source: http://news.softpedia.com/news/18-Critical-Vulnerabilities-Patched-in-Flash- 
Player- 15-0-0-223-4647 3 1 .shtml 

24. November 12, Network World - (International) Google Doubleclick down, leaving 
sites ad-free. The Google Doubleclick for Publishers service experienced an outage 
November 12, preventing ads from being displayed on several Web sites. Google stated 
that the company was working to resolve the issue. 

Source: http://www.networkworld.com/article/2846816/business-continuity/google- 
doubleclick-down-leaving-sites-ad-free.html 

25. November 12, Softpedia - (International) Air-gapped systems targeted by Sednit 
espionage group. Researchers with ESET stated that the Sednit espionage group (also 
known as APT28 or Sofacy) have employed a tool known as Win3 2/USB Stealer since 
at least 2005 that can exfiltrate data from air gapped systems. The tool is added to a 
compromised system connected to the Internet and then plants the tool on any 
removable storage device, collects information on the air gapped system, and then 
transmits it back to the attackers whenever the storage device is next connected to an 
Internet-connected system. 

Source: http://news.softpedia.com/news/Air-Gapped-Systems-Targeted-by-Sednit- 
Espionage-Group-464734.shtml 

26. November 11, Softpedia - (International) Uroburos espionage group is still active, 
relies on new remote access trojan. G Data researchers found that the Uroburos 
espionage group (also known as Turla or Snake) remains active and is using two similar 
versions of a new remote access trojan (RAT) known as ComRAT that includes 
increased obfuscation and anti-analysis capabilities. 

Source: http://news.softpedia.com/news/Uroburos-Espionage-Group-Is-Still-Active- 
Reles-on-New-Remote-Access-Trojan-464694.shtml 

27. November 10, Securityweek - (International) SQL injection vulnerability patched in 
IP.Board forum software. Invision Power Services released patches for its IP.Board 
forum software November 9, closing a SQL injection vulnerability several hours after 
its discovery on versions 3.3.x and 3.4.x. 

Source: http://www.securityweek.com/sql-iniection-vulnerability-patched- 
ipboard-forum-software 

28. November 10, Securityweek - (International) iOS security issue allows attackers to 
swap good apps for bad ones: FireEye. Researchers with FireEye identified a new 
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attack dubbed a Masque Attack that can allow attackers to replace a legitimate iOS app 
with a malicious one if both applications use the same bundle identifier. Victims 
targeted by the attack must be lured into installing the malicious app which can then be 
replaced by the malicious app on jailbroken and non-jailbroken iOS devices. 

Source: http://www.securitvweek.com/ios-securitv-issue-allows-attackers-swap- 
good-apps-bad-ones-fireeye 

Internet Alert Dashboard 



To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or 
visit their Web site: http://www.us-cert.gov 

Information on IT information sharing and analysis can be found at the IT ISAC (Information Sharing and 
Analysis Center) Web site: http://www.it-isac.org 
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Communications Sector 

29. November 12, Washington Post - (National) Weather Service issues expired tornado 
watches in technical glitch. The National Weather Service’s Storm Prediction Center 
experienced a glitch that caused expired and inaccurate tornado and severe 
thunderstorm alerts to be delivered November 12 due to a data transmission problem 
connected to a contractor. Official severed the faulty connection and are investigating 
the incident. 

Source: http://www.washingtonpost.com/blogs/capital-weather- 

gang/wp/2014/11/12/weather-service-issues-expired-tomado-watches-in-technical- 

glitch/ 
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Commercial Facilities Sector 

30. November 12, Wall Street Journal - (New York) Police manhunt continues, as jewel 
heist details emerge. Police are searching for two suspects who allegedly robbed the 
Watch Standard Inc., store in New York City November 1 1 of more than $500,000 in 
jewelry and watches. The store owner was injured after the gunman hit him in the head 
with the gun while the other suspect served as a lookout during the robbery. 

Source: http://online.wsi.com/articles/police-manhunt-for-iewelry-robbers-continues- 
as-heist-details-emerge- 1415817156 

31. November 12, Associated Press - (Massachusetts) Refrigerant leak forces evacuation 
of mall. Thirty individuals were evaluated at the scene and 10 others were transported 
to an area hospital following a refrigerant leak that originated in the food court of the 
Independence Mall in Kingston, Massachusetts, November 11. The mall was evacuated 
and closed while authorities investigated and was expected to reopen November 12. 
Source: http://www.boston.com/news/local/massachusetts/2014/ll/12/refrigerant-leak- 
forces-evacuation-mall/WHTpfiRv6e00uzAdaNvxlL/story.html 
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32. November 12, Associated Press; Sioux City Journal - (South Dakota) Firefighters still 
battling flames at Pierre motel. The Capitol Inn and Suites in Pierre was destroyed by 
fire November 11 displacing dozens of residents from the motel. Firefighters remained 
at the scene November 12 to extinguish hot spots while authorities investigated the 
source of the fire believed to have started on the west side of the building. 

Source: http://siouxcitviournal.com/ap/state/firefighters-still-battling-flames-at-pierre- 
motel/article 212cdlfl-3040-5abb-b8cf-44ea9551c5b0.html 



33. November 12, WUSA 9 Washington, D.C. - (Virginia) Herndon apartment fire leaves 
$1.25 million in damage. Authorities reported that improperly discarded smoking 
materials were the source of a November 10 fire that caused an estimated $1.25 million 
in damage to an apartment building in Herndon. Eighteen residents were displaced by 
the fire. 

Source: http ://ww w . wusa9.com/story/news/20 14/11/1 2/hemdon-apartment-fire- 
jefferson-park-drive/l 8905747/ 

34. November 12, Moline Dispatch/Moline Rock Island Argus - (Illinois) Fire heavily 
damages Silvis Dollar General store. Staff and customers safely evacuated a Dollar 
General store at the Crosstown Shopping Center in Silvis November 1 1 after a fire that 
started inside the business caused an estimated $500,000 in damage. A grocery store 
and vacant store space located at the shopping center suffered smoke damage from the 
blaze. 

Source: http://www.qconline.com/news/local/fire-heavily-damages-silvis-dollar- 
general- store/article 28945da0-db6c-54bl-a877-e22f8429e3c5.html 

35. November 11, OakRidgeToday.com - (Tennessee) Shopping center evacuated after 
gas leak reported. At least four businesses and a parking lot at an Oak Ridge shopping 
center were evacuated for several hours November 1 1 due to a reported gas leak at a 
former Kroger grocery store. Crews ventilated the stores and measured gas levels in the 
area before the businesses were allowed to reopen. 

Source: http ://oakridgetoday. com/20 14/11/11 /shopping-center-evacuated-gas-leak- 
reported/ 

36. November 11, Softpedia - (International) Hacker steals payment data from One 
Love Organics website. One Love Organics notified consumers October 30 that the 
online beauty product company’s server was compromised and the personal 
information, including payment card data, of customers who made purchases between 
August 24 and October 15 may have been breached. A representative reported that an 
attacker leveraged a vulnerability in the Web site’s shopping cart feature to perform 
and SQL injection, and that the vulnerability has since been closed. 

Source: http://news.softpedia.com/news/Hacker-Steals-Payment-Data-from-One-Love- 
Organics-Website-464725 .shtml 
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Dams Sector 



Nothing to report 
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Contact DHS 

To report physical infrastructure incidents or to request information, please contact the National Infrastructure 
Coordinating Center at nicc@hq.dhs.gov or (202) 282-9201. 

To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or visit 
their Web page at www.us-cert.gov . 
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